Other Regulatory Developments to Watch
MARCH 05, 2024

Sustainable Finance

The latest issue of the Regulatory Update informed about the European Commission’s (EC) final delegated act of the European Sustainability Reporting Standards (ESRS), the EBA’s Decision EBA/DC/498 for an ad-hoc data collection on ESG risks, as well as the EC’s issue of a consultation process to seek feedback on the Sustainable Finance Disclosures Regulation (SFDR).

On 12 October 2023, the EBA published a report on the role of environmental and social risks in the prudential framework of credit institutions and investment firms. Taking a risk-based approach, the report assesses how the current prudential framework captures environmental and social risks and recommends targeted enhancements to accelerate the integration of such risks in Pillar 1. The proposed enhancements aim to support the transition towards a more sustainable economy, while ensuring that the banking sector remains resilient. The report also develops considerations on the potential use of macroprudential tools. It explains why the EBA does not support the introduction of a green supporting factor or a brown penalising factor at this stage. In the report, the EBA also puts forward recommendations for short-term actions to be taken over the next three years as part of the implementation of the revised Capital Requirements Regulation and Capital Requirements Directive (the ‘CRR3’ and the ‘CRD6’).

At the end of November the EBA published a statement in the context of the 2023 United Nations Climate Change Conference (COP28), whereby it highlighted its efforts to integrate sustainability aspects in many areas of its work, including risk management, disclosures, supervisory practices, climate stress testing and the Pillar 1 framework. This statement highlights the role of the banking industry as well as that of EBA in the sustainability transition.

At the beginning of December, the three European Supervisory Authorities (EBA, EIOPA and ESMA – the ‘ESAs’) published their Final Report amending the draft Regulatory Technical Standards (RTS) to the Delegated Regulation supplementing the SFDR. The ESAs propose adding new social indicators and streamlining the framework for the disclosure of principal adverse impacts of investment decisions on the environment and society. The ESAs also suggest new product disclosures regarding “greenhouse gas emissions reduction” targets. Additionally, the ESAs propose further technical revisions to the SFDR Delegated Regulation. The EC will assess these draft RTS and decide whether to endorse them in the coming months. These draft RTS would be applied independently of the comprehensive assessment of the SFDR announced by the EC in September 2023 and before changes resulting from that assessment would be introduced.


On 18 December 2023, the EBA published the Guidelines on the benchmarking of diversity practices, including diversity policies and gender pay gap, under the CRD and the Investment Firms Directive. These Guidelines shall ensure a higher level of transparency on the EBA’s work in the area of diversity and gender equality and help improve the quality of collected data as well as the awareness of all stakeholders.

The Guidelines apply to credit institutions and investment firms who should be able to provide data in relation to diversity policies, diversity practices and the gender pay-gap at the level of the management body. Data collection and the benchmarking exercise shall be carried out every three (3) years, and will be based on a sample of institutions as determined by the competent authority in liaison with the EBA.

The EBA and competent authorities are required to benchmark diversity practices in institutions’ management bodies, under Article 91(11) of the CRD. The EBA and the competent authorities are also mandated to collect information on the gender pay gap of members of the management body under Article 75(1) of the CRD. The new reporting format shall apply for the collection of data in 2025 for the reporting date 31 December 2024.

Policy Mandates under the Digital Operational Resilience Act

On 8 December 2023, the ESA’s jointly launched a public consultation on the second batch of policy mandates under the Digital Operational Resilience Act (DORA). These include:

  1. RTS and ITS on content, timelines and templates on ICT-related incident reporting (Article 20),
  2. Guidelines on aggregated costs and losses from major ICT-related incidents (Article 11(1)),
  3. RTS on thread-led penetration testing (Art.26(11)),
  4. RTS on subcontracting of critical or important functions (Art.30(5)),
  5. Guidelines on oversight cooperation between the ESAs and competent authorities (Article 32(7)), and
  6. RTS on oversight harmonisation (Art.41(1)).

This consultation runs until the 4 March 2024 and credit institutions are encouraged to provide their feedback.